This is an Authentication Profile of the International Grid Trust Federation describing the minimum requirements for a Short Lived X.509 Credential Services (SLCS). SLCS X.509 Public Key Certification Authorities (SLCS PKI CAs) issue short-term credentials to end-entities, who themselves control their key pair and their activation data. These CAs act as independent trusted third parties for both subscribers and relying parties within the infrastructure. These authorities use a long-term signing key, which is stored in a secure manner.